Facebook Smackdown: UK Seeks 'Digital Gangster' Regulation

The House of Commons released this photograph in response to Facebook CEO Mark Zuckerberg's failure to testify on Nov. 27. 2018, before its probe into disinformation and "fake news."

Technology giants are threatening British society via their naked pursuit of "profit over data security," functioning as monopolies and blocking attempts to hold them to account, a Parliament committee concludes. But the U.K.'s electoral system is also "not fit for purpose" in the era of disinformation and "fake news" campaigns being propagated via social media platforms and targeted advertising, the committee says.

Those findings are contained in a final report issued by Parliament's Digital, Culture, Media and Sport Committee on Monday. It warns that "the ubiquity of social media" has a polarizing effect that amplifies "propaganda and politically aligned bias," which "reduces the common ground on which reasoned debate, based on objective facts, can take place."

The committee has been investigating disinformation and fake news in the wake of the Cambridge Analytica scandal and nation-state election interference campaigns targeting western democracies.

The ability to weaponize social media platforms is unlikely to go away. But technology giants have worked to actively disrupt attempts to unravel how their operations work and how they put users and non-users alike at risk of harm, the committee says.

'Profit Over Data Security'

The report accuses Facebook in particular of actively attempting to block efforts to understand how its targeted advertising ecosystem functions, acting as if it has a monopoly on personal information and generally behaving "like 'digital gangsters' in the online world, considering themselves to be ahead of and beyond the law."

But the committee reserves especial scorn for Facebook CEO Mark Zuckerberg, pointing to his failure to testify before Parliament. Instead, Zuckerberg issued a Facebook post, saying to the committee: "We look forward to continuing our collaboration."

The committee has slammed Zuckerberg, saying he "continues to choose profit over data security." It also accuses him of talking out of both sides of his mouth about giving users meaningful control of the data that the social network holds on them. For example, Zuckerberg in April 2018 told Congress that "you should have complete control over your data" and that "if we're not communicating this clearly, that's a big thing we should work on" (see: Facebook to Congress: We Shared More Data Than We Said).

But the committee's report notes: "The advertising profile that Facebook builds up about users cannot be accessed, controlled or deleted by those users. It is difficult to reconcile this fact with the assertion that users own all 'the content' they upload."

Lack of Transparency Into Election Spending

At the same time, however, U.K. election laws make it easy to hide "who is spending what, and where and how" in the words of a June 2018 Electoral Commission report - or to impose meaningful sanctions against offenders, according to the DCMS report.

"Electoral law is not fit for purpose and needs to be changed to reflect changes in campaigning techniques, and the move from physical leaflets and billboards to online, micro-targeted political campaigning," the report says. "There needs to be: absolute transparency of online political campaigning, including clear, persistent banners on all paid-for political adverts and videos, indicating the source and the advertiser; a category introduced for digital spending on campaigns; and explicit rules surrounding designated campaigners' role and responsibilities."

Life After Cambridge Analytica

Facebook data ended up in the hands of Cambridge Analytica, the now-defunct analytics firm that worked on President Donald Trump's election campaign for about five months and also worked with the "Leave" campaign during Britain's 2016 "Brexit" referendum on its EU membership.

Conservative Party MP Damian Collins, chair of the DCMS committee, told Time in January that the Cambridge Analytica scandal catalyzed concerns over the impact of social media on British society, making the general public realize "that content is targeted at people in ways they don't often see or understand."

Collins told Time: "The ethics of that, and the mechanism for doing that, became a really important part of the inquiry as well." He also said the probe was taking a hard look in particular at Zuckerberg, who has a "pattern of avoiding scrutiny."

Our final @CommonsCMS report on disinformation and fake news has now been published and can be found here on the committee website. We make a large number of recommendations including statutory regulation for social media to protect users from online harms https://t.co/9qlRsY9G03

Seeking Ethical Oversight, More Transparency

Beyond potentially reforming U.K. electoral law, however, can tech giants also be brought to heel?

Here's the DCMS committee's proposal: "The big tech companies must not be allowed to expand exponentially, without constraint or proper regulatory oversight," the report states. "But only governments and the law are powerful enough to contain them. The legislative tools already exist. They must now be applied to digital activity, using tools such as privacy laws, data protection legislation, antitrust and competition law."

The report says that if any technology firm is found to have gotten too large, giving it a monopoly, then it should be broken up.

Beyond added transparency, DCMS also wants to see ethical oversight of social media platforms become a regulatory mandate, especially as some companies stand accused of prioritizing profits over the public good.

"Facebook's handling of personal data, and its use for political campaigns, are prime and legitimate areas for inspection by regulators, and it should not be able to evade all editorial responsibility for the content shared by its users across its platforms," the committee's report says.

Efforts in Germany, France, US

Arguably, the U.K. has been slow off the mark, despite London-based Cambridge Analytica having been tied to pro-Brexit efforts.

Under the EU's General Data Protection Regulation, France's National Data Protection Commission, abbreviated as CNIL, has also slammed a $57 million fine on Google. CNIL says the technology giant - including its targeted advertising personalization model - does not currently comply with GDPR and must come into compliance as quickly as possible (see: France Hits Google With $57 Million GDPR Fine).

In January, the German Ministry for Information Security and Facebook announced that they were working together to combat disinformation campaigns, as they did in 2017, ahead of this spring's EU elections.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.